<?php
session_start();
ob_start();
if(!$current_user->data->ID)
{
	wp_redirect(get_settings('home').'/index.php?page=login');
	exit;
}
global $wpdb,$General;

if($_POST)
{
	$amount = $_POST['amount'];
	$_POST = $_SESSION['ads_information_session']['post'];
	
	$general_settings = $General->get_general_settings();
	$termid = addslashes($_POST['termid']);
	$post_title = addslashes($_POST['post_title']);
	$description = $_POST['description'];
	$post_price = addslashes($_POST['post_price']);
	$post_location = addslashes($_POST['post_location']);  
	$owner_name = addslashes($_POST['owner_name']);
	$owner_email = addslashes($_POST['owner_email']);
	$owner_phone = addslashes($_POST['owner_phone']);
	$post_tags = addslashes($_POST['post_tags']);
	$post_url = addslashes($_POST['post_url']);
	$coupon_code = addslashes($_POST['coupon_code']);
	
	$expiry_days = get_option('job_post_expiry_days');
	$post_images = '';
	if($_SESSION['ads_information_session']['images'])
	{
		$post_images = implode(',',$_SESSION['ads_information_session']['images']);
	}
	
	$alive_days = $General->get_ads_alive_days();
	$custom = array("post_location" 	=> $post_location,
					"owner_name"		=> $owner_name,
					"owner_email" 		=> $owner_email,
					"owner_phone" 		=> $owner_phone,
					"post_url"			=> $post_url,
					"post_images"		=> $post_images,
					"active_days"		=> $alive_days,	
					);

	
	$_SESSION['ads_information_session'] = array();
	if($_REQUEST['pid'])
	{
		$pid = $_REQUEST['pid'];
		$post_name = strtolower(str_replace(array("'",'"',"?",".","!","@","#","$","%","^","&","*","(",")","-","+","+"," "),array('-','-','-','-','-','-','-','-','-','-','-','-','-','-','-','-','-','-','-'),$post_title));
		if($_REQUEST['type']=='renew')
		{
			$date = date('Y-m-d H:i:s');
			if($amount == '' || $amount <= 0)
			{
				$post_default_status = $General->get_ads_default_status();
			}else
			{
				$post_default_status = 'draft';
			}
			$post_date = date('Y-m-d');
			$postsql = "update $wpdb->posts set post_title=\"$post_title\", post_content=\"$description\",post_name=\"$post_name\",post_status=\"$post_default_status\",post_date=\"$post_date\" where ID=\"$pid\"";
		}else
		{
			$postsql = "update $wpdb->posts set post_title=\"$post_title\", post_content=\"$description\",post_name=\"$post_name\" where ID=\"$pid\"";
		}

		$wpdb->query($postsql);
		foreach($custom as $key=>$val)
		{				
			update_post_meta($pid, $key, $val);
		}
		if($_POST['termid'])
		{
			$categoryId = $_POST['termid'];
			$fea_categoryId = $General->get_feature_catid();
			$term_taxonomy_id_fea = $wpdb->get_var("SELECT term_taxonomy_id FROM $wpdb->term_taxonomy where term_id=\"$fea_categoryId\" and taxonomy='category'");
			$term_cat_id = $wpdb->get_var("SELECT tt.term_id FROM $wpdb->term_relationships tr join $wpdb->term_taxonomy tt on tt.term_taxonomy_id=tr.term_taxonomy_id   where tr.object_id=\"$pid\" and tr.term_taxonomy_id !=\"$term_taxonomy_id_fea\"");
			if($term_cat_id != $categoryId)
			{
				$term_taxonomy_id_old = $wpdb->get_var("SELECT term_taxonomy_id FROM $wpdb->term_taxonomy where term_id=\"$term_cat_id\" and taxonomy='category'");
				$term_taxonomy_id = $wpdb->get_var("SELECT term_taxonomy_id FROM $wpdb->term_taxonomy where term_id=\"$categoryId\" and taxonomy='category'");
				$termsql = "update $wpdb->term_relationships set term_taxonomy_id=\"$term_taxonomy_id\" where object_id=\"$pid\" and term_taxonomy_id=\"$term_taxonomy_id_old\"";
				$wpdb->query($termsql);
				$count1 = $wpdb->get_var("SELECT count(object_id) FROM $wpdb->term_relationships where term_id=\"$fea_categoryId\" and taxonomy='category'");
				$count2 = $wpdb->get_var("SELECT count(object_id) FROM $wpdb->term_relationships where term_id=\"$term_cat_id\" and taxonomy='category'");
				$termpostcount = "update $wpdb->term_taxonomy set count=$count1 where term_id=\"$categoryId\" and taxonomy='category'";
				$wpdb->query($termpostcount);
				$termpostcount = "update $wpdb->term_taxonomy set count=$count2 where term_id=\"$term_cat_id\" and taxonomy='category'";
				$wpdb->query($termpostcount);
			}
		}
			
			$termssql = "select t.term_id from $wpdb->terms t join $wpdb->term_taxonomy tt on tt.term_id=t.term_id join $wpdb->term_relationships tr on tr.term_taxonomy_id=tt.term_taxonomy_id where  tr.object_id=\"$pid\" and tt.taxonomy='post_tag'";
			$termsinfo = $wpdb->get_results($termssql);
			if($termsinfo)
			{
				$termdbarr = array();
				foreach($termsinfo as $termsinfojb)
				{
					wp_delete_term( $termsinfojb->term_id, 'post_tag');
				}
			}
		if($post_tags)
		{
			$post_tags_arr = explode(',',$post_tags);

			for($t=0;$t<count($post_tags_arr);$t++)
			{
				$posttag = trim($post_tags_arr[$t]);
				$posttag_slug = strtolower(str_replace(array("'",'"',"?",".","!","@","#","$","%","^","&","*","(",")","-","+","+"," "),array('-','-','-','-','-','-','-','-','-','-','-','-','-','-','-','-','-','-','-'),$posttag));
				$term_id = $wpdb->get_var("SELECT t.term_id FROM $wpdb->terms t join $wpdb->term_taxonomy tt on tt.term_id=t.term_id where t.name=\"$posttag\" and tt.taxonomy='post_tag'");
				if($term_id == '')
				{
					$termsql = "insert into $wpdb->terms (name,slug) values (\"$posttag\",\"$posttag_slug\")";
					$wpdb->query($termsql);
					$last_termsid = $wpdb->get_var("SELECT max(term_id) as term_id FROM $wpdb->terms");
				}else
				{
					$last_termsid = $term_id;
				}
				$term_taxonomy_id = $wpdb->get_var("SELECT term_taxonomy_id FROM $wpdb->term_taxonomy where term_id=\"$last_termsid\" and taxonomy='post_tag'");
				if($term_taxonomy_id=='')
				{
					$termpost = "insert into $wpdb->term_taxonomy (term_id,taxonomy,count) values (\"$last_termsid\",'post_tag',1)";
					$wpdb->query($termpost);
					$term_taxonomy_id = $wpdb->get_var("SELECT term_taxonomy_id FROM $wpdb->term_taxonomy where term_id=\"$last_termsid\" and taxonomy='post_tag'");
				}else
				{
					$termpost = "update $wpdb->term_taxonomy set count=count+1 where term_taxonomy_id=\"$term_taxonomy_id\"";
					$wpdb->query($termpost);
				}
				$termsql = "insert into $wpdb->term_relationships (object_id,term_taxonomy_id) values (\"$pid\",\"$term_taxonomy_id\")";
				$wpdb->query($termsql);
			}
		}
		$_SESSION['session_message'] = INFO_UPDATE_SUCCESS_MSG;
		if($_REQUEST['type']=='renew')
		{
			if($amount == '' || $amount <= 0)
			{
				wp_redirect(get_option('siteurl').'/?page=ads_success');
				exit;
			}else
			{
				$currency_code = $general_settings['currency'];
				$paypal_merchantid = $general_settings['paypal_merchantid'];
				$returnUrl = get_option('siteurl').'/?page=return&pid='.$last_postid;
				$cancel_return = get_option('siteurl').'/?page=cancel&pid='.$last_postid;
				$notify_url = get_option('siteurl').'/?page=ipn';
				$item_name = PAYPAL_ITEM_DESC_TEXT.$post_title;
				echo' 	
				<form name="frm_payment_method" action="https://www.paypal.com/cgi-bin/webscr" method="post">
			<input type="hidden" value="'.$amount.'" name="amount"/>
			<input type="hidden" value="'.$returnUrl.'" name="return"/>
			<input type="hidden" value="'.$cancel_return.'" name="cancel_return"/>
			<input type="hidden" value="'.$notify_url.'" name="notify_url"/>
			<input type="hidden" value="_xclick" name="cmd"/>
			<input type="hidden" value="'.$item_name.'" name="item_name"/>
			<input type="hidden" value="'.$paypal_merchantid.'" name="business"/>
			<input type="hidden" value="'.$currency_code.'" name="currency_code"/>
			<input type="hidden" value="'.$last_postid.'" name="custom" />
			</form>
			<br /><br /><br />
			<center><p><h1>'.PAYPAL_PROCESSING_MSG.'</h1></p></center>
			<script>
			setTimeout("document.frm_payment_method.submit()",100); 
			</script>';
			}
		}else
		{
			wp_redirect(get_option('siteurl').'/?page=dashboard&msg=success');
			exit;
		}
		exit;
	}else
	{
		$date = date('Y-m-d H:i:s');
		if($amount == '' || $amount <= 0)
		{
			$post_default_status = $General->get_ads_default_status();
		}else
		{
			$post_default_status = 'draft';
		}
		global $user_identity;
		get_currentuserinfo();
		$userID =  $current_user->data->ID;
		$post_name = strtolower(str_replace(array("'",'"',"?",".","!","@","#","$","%","^","&","*","(",")","-","+","+"," "),array('-','-','-','-','-','-','-','-','-','-','-','-','-','-','-','-','-','-','-'),$post_title));
		//$post_name = str_replace(array("'",'"',"?",".","!","@","#","$","%","^","&","*","(",")","-","+","+"," "),'-',$post_title);
		$post_name_count = $wpdb->get_var("SELECT count(ID) FROM $wpdb->posts where post_name like \"$post_name%\"");
		if($post_name_count>0)
		{
			$post_name = $post_name.'-'.($post_name_count+1);
		}
		$postsql = "insert into $wpdb->posts (post_date,post_date_gmt,post_title,post_content,post_status,post_author,post_name) values (\"$date\",\"$date\",\"$post_title\",\"$description\",\"$post_default_status\",\"$userID\",\"$post_name\")";
		$wpdb->query($postsql);  //publish
		$last_postid = $wpdb->get_var("SELECT max(ID) as ID FROM $wpdb->posts");
		if($last_postid)
		{
			$guid = get_option('siteurl')."/?p=$last_postid";
			$post_update = "update $wpdb->posts set guid=\"$guid\" where ID=\"$last_postid\"";
			$wpdb->query($post_update);
		}
		$custom["post_price"] = $post_price;
		$custom["amount"] = $amount;
		$custom["coupon_code"] = $coupon_code;
		foreach($custom as $key=>$val)
		{				
			//$metasql = "insert into $wpdb->postmeta (post_id,meta_key,meta_value) values (\"$last_postid\",\"$key\",\"$val\")";
			//$wpdb->query($metasql);
			update_post_meta($last_postid, $key, $val);
		}
		if($_POST['termid'])
		{
			$categoryId = $_POST['termid'];
			$term_taxonomy_id = $wpdb->get_var("SELECT term_taxonomy_id FROM $wpdb->term_taxonomy where term_id=\"$categoryId\" and taxonomy='category'");
			$termsql = "insert into $wpdb->term_relationships (object_id,term_taxonomy_id) values (\"$last_postid\",\"$term_taxonomy_id\")";
			$wpdb->query($termsql);
			$termpostcount = "update $wpdb->term_taxonomy set count=count+1 where term_id=\"$categoryId\"";
			$wpdb->query($termpostcount);
			if($_POST['feature_prd'])
			{
				if($General->get_feature_catid())
				{
					$categoryId = $General->get_feature_catid();
					if($categoryId!='')
					{
						$term_taxonomy_id = $wpdb->get_var("SELECT term_taxonomy_id FROM $wpdb->term_taxonomy where term_id=\"$categoryId\" and taxonomy='category'");
						$termsql = "insert into $wpdb->term_relationships (object_id,term_taxonomy_id) values (\"$last_postid\",\"$term_taxonomy_id\")";
						$wpdb->query($termsql);
						$termpostcount = "update $wpdb->term_taxonomy set count=count+1 where term_id=\"$categoryId\"";
						$wpdb->query($termpostcount);
					}
				}
			}
		}
		if($post_tags)
		{
			$post_tags_arr = explode(',',$post_tags);
			for($t=0;$t<count($post_tags_arr);$t++)
			{
				$posttag = trim($post_tags_arr[$t]);
				$posttag_slug = strtolower(str_replace(array("'",'"',"?",".","!","@","#","$","%","^","&","*","(",")","-","+","+"," "),array('-','-','-','-','-','-','-','-','-','-','-','-','-','-','-','-','-','-','-'),$posttag));
				$term_id = $wpdb->get_var("SELECT t.term_id FROM $wpdb->terms t join $wpdb->term_taxonomy tt on tt.term_id=t.term_id where t.name=\"$posttag\" and tt.taxonomy='post_tag'");
				if($term_id == '')
				{
					$termsql = "insert into $wpdb->terms (name,slug) values (\"$posttag\",\"$posttag_slug\")";
					$wpdb->query($termsql);
					$last_termsid = $wpdb->get_var("SELECT max(term_id) as term_id FROM $wpdb->terms");
				}else
				{
					$last_termsid = $term_id;
				}
				$term_taxonomy_id = $wpdb->get_var("SELECT term_taxonomy_id FROM $wpdb->term_taxonomy where term_id=\"$last_termsid\" and taxonomy='post_tag'");
				if($term_taxonomy_id=='')
				{
					$termpost = "insert into $wpdb->term_taxonomy (term_id,taxonomy,count) values (\"$last_termsid\",'post_tag',1)";
					$wpdb->query($termpost);
					$term_taxonomy_id = $wpdb->get_var("SELECT term_taxonomy_id FROM $wpdb->term_taxonomy where term_id=\"$last_termsid\" and taxonomy='post_tag'");
				}else
				{
					$termpost = "update $wpdb->term_taxonomy set count=count+1 where term_taxonomy_id=\"$term_taxonomy_id\"";
					$wpdb->query($termpost);
				}
				$termsql = "insert into $wpdb->term_relationships (object_id,term_taxonomy_id) values (\"$last_postid\",\"$term_taxonomy_id\")";
				$wpdb->query($termsql);
			}
		}

		if($amount == '' || $amount <= 0)
		{
			wp_redirect(get_option('siteurl').'/?page=ads_success');
			exit;
		}else
		{
			$currency_code = $general_settings['currency'];
			$paypal_merchantid = $general_settings['paypal_merchantid'];
			$returnUrl = get_option('siteurl').'/?page=return&pid='.$last_postid;
			$cancel_return = get_option('siteurl').'/?page=cancel&pid='.$last_postid;
			$notify_url = get_option('siteurl').'/?page=ipn';
			$item_name = PAYPAL_ITEM_DESC_TEXT.$post_title;

			echo' 	
			<form name="frm_payment_method" action="https://www.paypal.com/cgi-bin/webscr" method="post">
			<input type="hidden" value="'.$amount.'" name="amount"/>
			<input type="hidden" value="'.$returnUrl.'" name="return"/>
			<input type="hidden" value="'.$cancel_return.'" name="cancel_return"/>
			<input type="hidden" value="'.$notify_url.'" name="notify_url"/>
			<input type="hidden" value="_xclick" name="cmd"/>
			<input type="hidden" value="'.$item_name.'" name="item_name"/>
			<input type="hidden" value="'.$paypal_merchantid.'" name="business"/>
			<input type="hidden" value="'.$currency_code.'" name="currency_code"/>
			<input type="hidden" value="'.$last_postid.'" name="custom" />
			</form>
			<br /><br /><br />
			<center><p><h1>'.PAYPAL_PROCESSING_MSG.'</h1></p></center>
			<script>
			setTimeout("document.frm_payment_method.submit()",100); 
			</script>';
		}
	exit;
	}
}
?>